If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

This flaw isn't going to have the effect of lets say... adobe products. And explorer itself couldn't be effected remotely since it uses default icons as a represention of files that aren't directly located on the drive. It would have to already be on disk and displayed within a file menu to take any sort of effect.

Upon reading http://www.microsoft.com/technet/sec...y/2286198.mspx, the link states the following under the faq and I quote "How could an attacker exploit the vulnerability?
An attacker could present a removable drive to the user with a malicious shortcut file, and an associated malicious binary. When the user opens this drive in Windows Explorer, or any other application that parses the icon of the shortcut, the malicious binary will execute code of the attacker’s choice on the victim system.

An attacker could also set up a malicious Web site or a remote network share and place the malicious components on this remote location. When the user browses the Web site using a Web browser such as Internet Explorer or a file manager such as Windows Explorer, Windows will attempt to load the icon of the shortcut file, and the malicious binary will be invoked. In addition, an attacker could embed an exploit in a document that supports embedded shortcuts or a hosted browser control (such as but not limited to Microsoft Office documents). "

I do believe the attack I describe fits within the scope of the second paragraph.

LOL, am I the only one pissing myself laughing? Come on, people have been bashing Microsoft for security since... Well, long before I came along to take the torch and haz burnination lol.

Remember when you had to actually open an email, download the attachment, and then run the thing the idiot who sent it to you named "Yea suck on this *******.exe" lol.

Good times... Apparently you can't even double click anymore! Oh no! I wonder if Apple will make some more of those idiotic ads they love so much about how Mac's only have one button and that might make them safer. And of course how "PC" was always sick with a virus and told Mac to get away and he'd be a jack ass and say he couldn't be infected. Man these people....

Its not something that would "show up on a web page". And when you connect to shared directorys in IE it uses the default icons associated with these files. Browsers haven't automaticly opened word documents and pdf files since 1998.

Maybe I was not clear on how the attack would execute and thus the source of the argument. >.< What I was trying to state was that a malicious website has the victim download unknowingly two components onto the victims machine, the .exe and the .lnk. When the victim navigates(or in some circumstances if the browser automatically opens up the folder) to his/her downloads folder or wherever they put it, the .lnk exploit will trigger and then the malicious .exe will execute. :/

I am sure this can be mitigated by not running\browsing\surfing as administrator....

MLF

Oh good! So only 99% or so of people are at risk as opposed to.. Oh... And, you know, pre-Windows 7 default installations having the Admin account logged in by default without any password whatsoever, and no user adding panel like other OSs, and the general "If you don't want to browse as admin, or do anything like that, well, you CAN do it, but since 99% of you in the Home Computer Market have no idea why, or how, a Computer works, or why, or how, you shouldn't do this, and instead of trying, we'll make the ADMIN account, log in not only as the default account, we won't put a password on that either, and if you do want to, all you have to do is get into the user and account area of Control Panel, and set a password, and make a user for yourself that isn't admin, even though you type your normal name to log in and..."....

I can't imagine more than 2 or 3 people out of 3,000 even getting through half of that without saying screw it and leaving it alone.

I brought this up already and pointed it out, but just because Windows CAN be locked down, doesn't mean it is, and auto log in, though neat for those who don't care about a password.... It works great on Linux, where the Root account isn't the default by any means, and you have to add a non root user, and then you can have THAT account auto log in...

It's not that Auto Login is a terrible idea, I know why people like it, they don't have to do anything! It's like those days of Windows 9X where clicking on Cancel would let you in just as well as the password.... (Remember Profiles? Lol)....

In other words, sure, for those of us who know what we're doing with a Computer, this thing is probably crap, but for literally more than 90% of the Home Users? Pffft.

If the solution was as simple as "Well don't use the admin account" you'd be out of a job.

Its still dog doo-doo when it comes to permissions though. Your allowed to read, execute, and write (but not modify) almost anything you want as nobody. Under a guest account in windows your not given write access to anything at all.